bindfs - mount --bind in user-space
bindfs [options] dir mountpoint
A FUSE filesystem for mirroring the contents of a directory
to another directory. Additionally, one can change the permissions of files
in the mirrored directory.
- -h, --help
- Displays a help message and
exits.
- -V, --version
- Displays version information and exits.
- -u, --user, --owner=user, -o owner=...
- Makes all files owned by the specified user. Also causes chown
on the mounted filesystem to always fail.
- -g, --group=group, -o group=...
- Makes all files owned by the specified group. Also causes chgrp on the mounted
filesystem to always fail.
- -p, --perms=permissions, -o perms=...
- Takes a comma- or colon-separated list of chmod-like permission specifications
to be applied to the permission bits in order. See PERMISSION SPECIFICATION below
for details.
This only affects how the permission bits of existing files are
altered when shown in the mounted directory. You can use --create-with-perms
to change the permissions that newly created files get in the source directory.
Note that, as usual, the root user isn’t bound by the permissions set here.
You can get a truly read-only mount by using -r.
- -m, --mirror=users, -o mirror=...
- Takes a comma- or colon-separated list of users who will see themselves as
the owners of all files. Users who are not listed here will still be able
to access the mount if the permissions otherwise allow them to.
You can also give a group name prefixed with an ’@’ to mirror all members of a group.
This will not change which group the files are shown to have.
- -M, --mirror-only=users, -o mirror-only=...
- Like --mirror but disallows access for all other users (except root).
- -n, --no-allow-other, -o no-allow-other
- Does not add -o allow_other to FUSE
options. This causes the mount to be accessible only by the current user.
New files and directories are created so they are
owned by the mounter. bindfs can let this happen (the default for normal
users), or it can try to change the owner to the uid/gid of the process
that wants to create the file (the default for root). It is also possible
to have bindfs try to change the owner to a particular user or group.
- --create-as-user, -o create-as-user
- Tries to change the owner and group of new files and directories
to the uid and gid of the caller. This can work only if the mounter is root.
It is also the default behavior (mimicking mount --bind) if the mounter is
root.
- --create-as-mounter, -o create-as-mounter
- All new files and directories
will be owned by the mounter. This is the default behavior for non-root mounters.
- --create-for-user=user, -o create-for-user=...
- Tries to change the owner of new
files and directories to the user specified here. This can work only if
the mounter is root. This option overrides the --create-as-user and --create-as-mounter
options.
- --create-for-group=group, -o create-for-group=...
- Tries to change the owning
group of new files and directories to the group specified here. This can
work only if the mounter is root. This option overrides the --create-as-user
and --create-as-mounter options.
- --create-with-perms=permissions, -o create-with-perms=...
- Works like --perms but is applied to the permission bits that new files get
in the source directory. Normally the permissions of new files depend on
the creating process’s preferences and umask. This option can be used to
modify those permissions or override them completely. See PERMISSION SPECIFICATION
below for details.
The behaviour on chown/chgrp calls
can be changed. By default they are passed through to the source directory
even if bindfs is set to show a fake owner/group. A chown/chgrp call will
only succeed if the user has enough mirrored permissions to chmod the mirrored
file AND the mounter has enough permissions to chmod the real file.
- --chown-normal, -o chown-normal
- Tries to chown the underlying file. This is the default.
- --chown-ignore, -o chown-ignore
- Lets chown succeed (if the user has enough mirrored permissions)
but actually does nothing. A combined chown/chgrp is effectively turned
into a chgrp-only request.
- --chown-deny, -o chown-deny
- Makes chown always fail
with a ’permission denied’ error. A combined chown/chgrp request will fail
as well.
- --chgrp-normal, -o chgrp-normal
- Tries to chgrp the underlying file.
This is the default.
- --chgrp-ignore, -o chgrp-ignore
- Lets chgrp succeed (if
the user has enough mirrored permissions) but actually does nothing. A combined
chown/chgrp is effectively turned into a chown-only request.
- --chgrp-deny, -o chgrp-deny
- Makes chgrp always fail with a ’permission denied’ error. A combined
chown/chgrp request will fail as well.
Chmod calls are forwarded
to the source directory by default. This may cause unexpected behaviour
if bindfs is altering permission bits.
- --chmod-normal, -o chmod-normal
- Tries to chmod the underlying file. This will succeed if the user has the appropriate
mirrored permissions to chmod the mirrored file AND the mounter has enough
permissions to chmod the real file. This is the default (in order to behave
like mount --bind by default).
- --chmod-ignore, -o chmod-ignore
- Lets chmod succeed
(if the user has enough mirrored permissions) but actually does nothing.
- --chmod-deny, -o chmod-deny
- Makes chmod always fail with a ’permission denied’
error.
- --chmod-allow-x, -o chmod-allow-x
- Allows setting and clearing the executable
attribute on files (but not directories). When used with --chmod-ignore, chmods
will only affect execute bits on files and changes to other bits are discarded.
With --chmod-deny, all chmods that would change any bits except execute bits
on files will still fail with a ’permission denied’. This option does nothing
with --chmod-normal.
Extended attributes are mirrored by default,
though not all underlying file systems support xattrs.
- --xattr-none, -o xattr-none
- Disable extended attributes altogether. All operations will return ’Operation
not supported’.
- --xattr-ro, -o xattr-ro
- Let extended attributes be read-only.
- --xattr-rw, -o xattr-rw
- Let extended attributes be read-write (the default). The
read/write permissions are checked against the (possibly modified) file
permissions inside the mount.
Recall that a unix file has three standard timestamps: atime (last access,
i.e. read time), mtime (last content modification time) and ctime (last
content or metadata (inode) change time).
It may sometimes be useful to alter these timestamps, but
care should be taken not to cause programs (e.g. backup jobs) to miss important
changes.
- --ctime-from-mtime, -o ctime-from-mtime
- Reads the ctime of each file
and directory from its mtime. In other words, only content modifications
(as opposed to metadata changes) will be reflected in a mirrored file’s
ctime. (The underlying file’s ctime will still be updated normally.)
- -o options
- Fuse options.
- -r, -o ro
- Make the mount strictly read-only.
This even prevents root from writing to it. If this is all you need, then
(since Linux 2.6.26) you can get a more efficient mount with mount --bind and
then mount -o remount,ro.
- -d, -o debug
- Enable debug output (implies -f).
- -f
- Foreground operation.
- -s
- Disable multithreaded operation. bindfs should be
thread-safe.
PERMISSION SPECIFICATION
The -p option takes a comma- or colon-separated
list of either octal numeric permission bits or symbolic representations
of permission bit operations. The symbolic representation is based on that
of the chmod(1) command. setuid, setgid and sticky bits are ignored.
This program extends the chmod symbolic representation with the following operands:
- ‘D’ (right hand side)
- Works like X but applies only to directories (not to executables).
- ‘d’ and ‘f’ (left hand side)
- Makes this directive only apply to directories (d) or files (f).
e.g. gd-w would remove the group write bit from all directories.
- ‘u’, ‘g’, ‘o’ (right hand side)
- Uses the user (u), group (g) or others (o) permission bits of the original file.
e.g. g=u would copy the user’s permission bits to the group.
ug+o would add the others’ permissions to the owner and group.
Examples
- o-rwx
- Removes all permission bits from others.
- g=rD
- Allows group
to read all files and enter all directories, but nothing else.
- 0644,a+X
- Sets permission bits to 0644 and adds the execute bit for everyone to all
directories and executables.
- og-x:og+rD:u=rwX:g+rw
- Removes execute bit for
others and group, adds read and directory execute for others and group,
sets user permissions to read, write and execute directory/executable,
adds read and write for group.
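To check which bits a specification will expose before mounting, the rules above can be evaluated offline. The Python below is an added example, not bindfs's own code: apply_perms is a hypothetical name, an empty left-hand side is assumed to mean everyone, and X and the right-hand u/g/o operands are assumed to read the original file's bits, as the 0644,a+X example implies.

```python
import re
import stat

WHO = {"u": 0o700, "g": 0o070, "o": 0o007, "a": 0o777}   # left-hand side masks
SHIFT = {"u": 6, "g": 3, "o": 0}
PLAIN = {"r": 0o444, "w": 0o222, "x": 0o111}
SYMBOLIC = re.compile(r"([ugoadf]*)([+=-])([rwxXDugo]*)")


def apply_perms(spec, mode):
    """Return the permission bits shown in the mount for a source st_mode."""
    is_dir = stat.S_ISDIR(mode)
    orig = mode & 0o777          # setuid, setgid and sticky bits are ignored
    cur = orig
    for part in re.split("[,:]", spec):
        if re.fullmatch("[0-7]{1,4}", part):
            cur = int(part, 8) & 0o777
            continue
        m = SYMBOLIC.fullmatch(part)
        if m is None:
            raise ValueError(f"bad permission directive: {part!r}")
        lhs, op, rhs = m.groups()
        kinds = set(lhs) & {"d", "f"}
        if kinds and ("d" if is_dir else "f") not in kinds:
            continue             # directive limited to the other file kind
        who = 0
        for c in lhs:
            who |= WHO.get(c, 0)
        who = who or 0o777       # assumption: no u/g/o/a given means everyone
        bits = 0
        for c in rhs:
            if c in PLAIN:
                bits |= PLAIN[c]
            elif c == "D":
                bits |= 0o111 if is_dir else 0
            elif c == "X":       # assumption: judged on the original file
                bits |= 0o111 if is_dir or orig & 0o111 else 0
            else:                # u, g, o: copy that class from the original
                b = (orig & WHO[c]) >> SHIFT[c]
                bits |= b << 6 | b << 3 | b
        bits &= who
        if op == "+":
            cur |= bits
        elif op == "-":
            cur &= ~bits
        else:
            cur = (cur & ~who) | bits
    return cur
```

Pass the st_mode of a source file, as returned by os.stat, together with the string intended for -p or --create-with-perms; the result is only the displayed bits, and root is still not bound by them.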
- bindfs -u www -g nogroup -p 0000,u=rD ~/mywebsite ~/public_html/mysite
- Publishes a website in public_html so
that only the ’www’ user can read the site.
- bindfs -M foo,bar,1007,@mygroup -p 0600,u+X dir mnt
- Gives access to ’foo’, ’bar’, the user with the UID 1007
as well as everyone in the group ’mygroup’. Sets the permission bits to 0600,
thus giving the specified users read/write access, and adds the user execute
bit for directories and executables.
- bindfs -ono-allow-other,perms=a-w somedir somedir
- Makes a directory read-only and accessible only by the current
user.
- bindfs#/home/bob/shared /var/www/shared/bob fuse perms=0000:u+rD 0 0
- An example /etc/fstab entry. Note that the colon must be used to
separate arguments to perms, because the comma is an option separator in
/etc/fstab.
Setuid and setgid bits have no effect inside the mount.
This is a necessary security feature of FUSE.
MacFuse caches file contents
by default. This means that changes in source files are not always immediately
visible under the mount point. -o nolocalcaches can be used to disable the
cache.
Please report to the issue tracker on the project home page
at http://code.google.com/p/bindfs/
Martin Pärtel <martin dot partel at gmail dot com>
chmod(1), fusermount(1)